Backup & Disaster Recovery Kit
Battle-tested backup scripts and disaster recovery runbooks for production infrastructure.
Automate your backups, verify their integrity, and recover in minutes -- not hours.
What You Get
- 6 production backup & restore scripts covering PostgreSQL, MySQL, filesystems, and Docker volumes
- Backup verification with integrity checks, checksum validation, and test restores
- Configurable schedules & retention via YAML (daily, weekly, monthly, yearly)
- Multi-channel notifications (Slack, email, PagerDuty) on success or failure
- Docker-based backup agent for containerized environments
- Disaster recovery runbooks with RPO/RTO analysis and step-by-step procedures
- Strategic guide covering the 3-2-1 rule, encryption, compliance, and cross-region replication
File Tree
backup-disaster-recovery/
├── README.md
├── manifest.json
├── LICENSE
├── scripts/
│ ├── backup-postgres.sh # pg_dump + compression + S3 upload
│ ├── backup-mysql.sh # mysqldump + compression + S3 upload
│ ├── backup-filesystem.sh # rsync/rclone incremental + encryption
│ ├── backup-docker-volumes.sh # Stop, tar, upload, restart
│ ├── restore-postgres.sh # Download from S3 + pg_restore + verify
│ ├── restore-filesystem.sh # Download, decrypt, restore
│ └── verify-backups.sh # Integrity check + test restore
├── configs/
│ ├── backup-schedule.yaml # Cron schedules for all backup types
│ ├── retention-policy.yaml # Retention rules by tier
│ └── notification.yaml # Slack, email, PagerDuty config
├── docker/
│ ├── backup-agent/
│ │ ├── Dockerfile # Lightweight backup agent
│ │ └── entrypoint.sh # Agent entrypoint
│ └── docker-compose.yml # Agent + MinIO for testing
├── runbooks/
│ ├── disaster-recovery-plan.md # RPO/RTO + step-by-step recovery
│ └── backup-verification-checklist.md
└── guides/
└── backup-strategy.md # 3-2-1 rule, encryption, compliance
Getting Started
1. Configure your environment
# Copy and edit the config files
cp configs/backup-schedule.yaml configs/backup-schedule.local.yaml
cp configs/notification.yaml configs/notification.local.yaml
# Set required environment variables
export AWS_ACCESS_KEY_ID="your-key"
export AWS_SECRET_ACCESS_KEY="your-secret"
export BACKUP_BUCKET="s3://your-backup-bucket"
export ENCRYPTION_KEY="your-32-char-encryption-key"
2. Run your first backup
# PostgreSQL backup with compression and S3 upload
./scripts/backup-postgres.sh \
--host db.example.com \
--database myapp_production \
--bucket s3://my-backups/postgres
# Filesystem backup with encryption
./scripts/backup-filesystem.sh \
--source /var/www/app/uploads \
--destination s3://my-backups/files \
--encrypt
# Verify backup integrity
./scripts/verify-backups.sh --bucket s3://my-backups --type postgres
3. Test with Docker (local MinIO)
cd docker/
docker compose up -d
# MinIO UI available at http://localhost:9001 (minioadmin/minioadmin)
# Run a test backup against local MinIO
BACKUP_BUCKET="s3://test-backups" \
AWS_ENDPOINT_URL="http://localhost:9000" \
../scripts/backup-postgres.sh --host localhost --database testdb
Architecture
┌─────────────────────────────────────────────────────────┐
│ Backup Agent (Docker) │
│ ┌──────────┐ ┌──────────┐ ┌────────────────────┐ │
│ │ Postgres │ │ MySQL │ │ Filesystem │ │
│ │ pg_dump │ │ mysqldump│ │ rsync / rclone │ │
│ └────┬─────┘ └────┬─────┘ └────────┬───────────┘ │
│ │ │ │ │
│ └──────────┬───┴──────────────────┘ │
│ │ │
│ ┌──────▼──────┐ │
│ │ Compress │ gzip / zstd / lz4 │
│ │ Encrypt │ AES-256 (openssl) │
│ └──────┬──────┘ │
│ │ │
│ ┌──────▼──────┐ ┌──────────────────┐ │
│ │ Upload to │────▶│ S3 / B2 / GCS │ │
│ │ Object │ │ (3-2-1 rule) │ │
│ │ Storage │ └──────────────────┘ │
│ └──────┬──────┘ │
│ │ │
│ ┌──────▼──────┐ ┌──────────────────┐ │
│ │ Notify │────▶│ Slack / Email │ │
│ │ on result │ │ PagerDuty │ │
│ └─────────────┘ └──────────────────┘ │
└─────────────────────────────────────────────────────────┘
Requirements
| Tool | Version | Purpose |
|---|---|---|
| Bash | 5.x+ | Script runtime |
| AWS CLI | 2.x | S3 upload/download |
| PostgreSQL | 14+ | pg_dump / pg_restore |
| MySQL | 8.x | mysqldump |
| rsync | 3.x | Incremental filesystem backups |
| rclone | 1.60+ | Multi-cloud storage transfers |
| Docker | 24.x+ | Backup agent container |
| openssl | 3.x | AES-256 encryption |
| jq | 1.6+ | JSON processing in scripts |
| curl | 7.x+ | Slack/PagerDuty notifications |
Related Products
- Monitoring Stack Setup — Prometheus, Grafana, and alerting setup
- Log Management Toolkit — Centralized logging with ELK and Loki
- Linux Hardening Scripts — CIS benchmark-aligned hardening scripts
This is 1 of 6 resources in the DevOps Toolkit Pro toolkit. Get the complete [Backup Disaster Recovery] with all files, templates, and documentation for $XX.
Or grab the entire DevOps Toolkit Pro bundle (6 products) for $178 — save 30%.
Top comments (0)